Infrastructure Security: The Emerging Smart Grid
Cyber Security Lecture 3: System Vulnerabilities
Carl Hauser & Adam Hahn
Overview
- System Vulnerabilities: Software, Hardware, Side Channel, Social, Malware, Supply Chain
- Security Mechanisms: Access Control, Malware Detection
Vulnerability Characteristics
- Time introduced: design, implementation, operational
- System components: software, hardware, network
- Impact
- Fundamental problem and related problems, e.g., integer wraparound, running concurrently
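The integer wraparound entry above is easiest to see in a bounds check. The following is an added example (not part of the lecture): it simulates 32-bit unsigned arithmetic in Python, since Python integers never wrap, and shows a length check that a wrapped multiplication defeats next to the hardened form. The function names and buffer sizes are hypothetical.

```python
# Added example: a length check defeated by 32-bit integer wraparound.
# Python integers never wrap, so 32-bit unsigned arithmetic is simulated
# explicitly with a mask. All names and sizes here are hypothetical.

MASK32 = 0xFFFFFFFF


def wrap32(x):
    """Reduce x the way a 32-bit unsigned multiply would (modulo 2**32)."""
    return x & MASK32


def vulnerable_length_ok(count, elem_size, buf_len):
    """Bounds check as a C program using a 32-bit size_t would compute it.

    total = count * elem_size silently wraps, so an attacker-chosen count
    can make a huge request look small and pass the check; the copy that
    follows then runs past the end of the buffer.
    """
    total = wrap32(count * elem_size)
    return total <= buf_len


def safe_length_ok(count, elem_size, buf_len):
    """Hardened check: reject before the multiplication can wrap."""
    if elem_size == 0:
        return True  # zero-sized elements: nothing would be copied
    if count > MASK32 // elem_size:
        return False  # count * elem_size does not fit in 32 bits
    return count * elem_size <= buf_len


if __name__ == "__main__":
    # 0x40000001 * 4 = 0x100000004, which wraps to 4 in 32 bits.
    evil_count, size, buf = 0x40000001, 4, 256
    print("vulnerable check passes:", vulnerable_length_ok(evil_count, size, buf))
    print("safe check passes:      ", safe_length_ok(evil_count, size, buf))
```

The hardened check divides instead of multiplying so that the comparison itself cannot overflow; the same pattern applies to any size computation fed by attacker-controlled counts.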
Hardware Security
An attacker may have physical access to the hardware (example: a smart meter).
Approaches:
- Reverse engineering
- Side channel analysis
- Monitor buses: Serial Peripheral Interface (SPI) bus, JTAG
- Use logic analyzers to interpret bus signals and protocols
- Connect to bus pins
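To make the "use logic analyzers to interpret bus signals" step concrete, here is an added example (not from the lecture) of what a protocol decoder does with a captured SPI bus: it turns sampled logic levels on the chip-select, clock and MOSI lines into the bytes a microcontroller sent to a SPI flash chip. The capture is constructed in the file itself, standing in for a real logic-analyzer export; the flash opcodes 0x9F (read JEDEC ID) and 0x03 (read data) are standard, while the address and helper names are hypothetical.

```python
# Added example: decoding an SPI bus capture the way a logic-analyzer
# protocol decoder does. The capture is constructed below (no real hardware);
# opcodes 0x9F (RDID) and 0x03 (READ) are standard SPI NOR flash commands,
# the address and the helper names are hypothetical.

# SPI mode 0 (CPOL=0, CPHA=0): the receiver samples MOSI on each rising
# edge of SCK while chip select (CS, active low) is asserted; MSB first.


def decode_spi_mode0(samples):
    """samples: sequence of (cs, sck, mosi) logic levels, one tuple per
    analyzer sample. Returns a list of transactions, each the list of bytes
    seen on MOSI between CS going low and CS going high."""
    transactions = []
    current = []   # bytes of the transaction in progress
    bits = []      # bits of the byte in progress
    prev_sck = 0
    for cs, sck, mosi in samples:
        if cs:  # chip deselected: flush the open transaction, drop partial bits
            if current:
                transactions.append(current)
                current = []
            bits = []
        elif sck and not prev_sck:  # rising edge while selected: sample MOSI
            bits.append(mosi)
            if len(bits) == 8:
                current.append(int("".join(str(b) for b in bits), 2))
                bits = []
        prev_sck = sck
    if current:  # capture ended with CS still asserted
        transactions.append(current)
    return transactions


def describe_flash_command(txn):
    """Interpret a decoded transaction as a common SPI NOR flash command."""
    if not txn:
        return "empty"
    if txn[0] == 0x9F:
        return "RDID (read JEDEC manufacturer/device ID)"
    if txn[0] == 0x03 and len(txn) >= 4:
        addr = (txn[1] << 16) | (txn[2] << 8) | txn[3]
        return "READ data at 0x%06X" % addr
    return "unknown opcode 0x%02X" % txn[0]


def make_capture(transactions):
    """Constructed stand-in for a logic-analyzer capture: drives MOSI while
    SCK is low, then raises SCK so the decoder sees a rising edge."""
    samples = [(1, 0, 0)]  # idle: CS high, clock low
    for data in transactions:
        samples.append((0, 0, 0))  # CS asserted
        for byte in data:
            for i in range(7, -1, -1):
                bit = (byte >> i) & 1
                samples.append((0, 0, bit))  # data set up while SCK low
                samples.append((0, 1, bit))  # rising edge: bit is sampled
        samples.append((0, 0, 0))  # clock returns low
        samples.append((1, 0, 0))  # CS deasserted
    return samples


if __name__ == "__main__":
    capture = make_capture([[0x9F], [0x03, 0x00, 0x10, 0x00]])
    for txn in decode_spi_mode0(capture):
        print([hex(b) for b in txn], "->", describe_flash_command(txn))
```

On a real meter the same decoder, fed with the analyzer's export of the flash chip's CS/SCK/MOSI pins, shows which addresses the firmware reads at boot; reading the MISO line the same way recovers the data returned, which is how firmware is pulled off a board without desoldering the chip.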
Side Channel
A side channel attack uses alternative methods to obtain the key from a crypto system (i.e., not brute force or cryptanalysis). It requires some ability to monitor the power consumption or computation time of the system (usually physical access).
Figure (not reproduced): a device computes c = m^e mod n (RSA); the power/timing trace of that modular exponentiation is what the attacker measures.
Source: M. Rostami, F. Koushanfar, R. Karri, "A Primer on Hardware Security: Models, Methods, and Metrics," Proceedings of the IEEE, vol. 102, no. 8, pp. 1283-1295, Aug. 2014.
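The following is an added example (not from the lecture or the cited primer) of why the computation c = m^e mod n leaks e through power or timing. Instead of a measured trace it records the sequence of operations a naive square-and-multiply implementation performs; on a real device each squaring and each multiply is a distinguishable bump in the power trace, so the recorded string plays the role of the measurement. It then shows a Montgomery ladder whose operation sequence is the same for every exponent of a given length. The RSA parameters n = 3233, e = 17 are the small textbook values and are hypothetical for illustration only.

```python
# Added example (not from the lecture or the cited primer): simple power
# analysis of square-and-multiply. 'S' = squaring, 'M' = multiply, recorded
# in place of a measured power trace. Parameters n = 3233, e = 17 are the
# toy textbook RSA values (hypothetical; never use such sizes in practice).


def modexp_leaky(m, e, n, trace):
    """Left-to-right square-and-multiply, as a naive implementation does it.

    Every bit of e costs one squaring, and only the 1 bits cost an extra
    multiply, so the recorded trace spells out the exponent.
    """
    c = 1
    for bit in bin(e)[2:]:
        c = c * c % n
        trace.append("S")
        if bit == "1":
            c = c * m % n
            trace.append("M")
    return c


def recover_exponent(trace):
    """Simple power analysis: read the key back out of the S/M pattern.

    Each bit begins with an S; an S followed by an M is a 1 bit, an S
    followed by another S (or by the end of the trace) is a 0 bit.
    """
    bits = []
    i = 0
    while i < len(trace):
        if trace[i] != "S":
            raise ValueError("trace does not look like square-and-multiply")
        if i + 1 < len(trace) and trace[i + 1] == "M":
            bits.append("1")
            i += 2
        else:
            bits.append("0")
            i += 1
    return int("".join(bits), 2)


def modexp_ladder(m, e, n, trace):
    """Montgomery ladder: one multiply and one squaring for every bit,
    whatever its value, so the operation sequence no longer depends on e.
    (A real constant-time implementation must also remove the data-dependent
    branch below, e.g. with conditional swaps; this fixes only the op count.)
    """
    r0, r1 = 1, m % n
    for bit in bin(e)[2:]:
        if bit == "1":
            r0 = r0 * r1 % n
            r1 = r1 * r1 % n
        else:
            r1 = r0 * r1 % n
            r0 = r0 * r0 % n
        trace.extend(["M", "S"])
    return r0


if __name__ == "__main__":
    n, e, m = 3233, 17, 65
    t = []
    c = modexp_leaky(m, e, n, t)
    print("ciphertext", c, "matches pow():", c == pow(m, e, n))
    print("leaky trace", "".join(t), "-> recovered e =", recover_exponent(t))
    t = []
    modexp_ladder(m, e, n, t)
    print("ladder trace", "".join(t), "(identical for every 5-bit exponent)")
```

The leaky trace for e = 17 (binary 10001) reads SMSSSSM, which the attacker decodes bit by bit; the ladder trace is MSMSMSMSMS for every 5-bit exponent, so the same measurement no longer distinguishes keys. The remaining leak, the length of the trace, reveals only the bit length of e.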
Social Engineering
Humans are often the weakest link in a security system.
Social engineering examples: phishing.
Phishing example:
- Phishing: a malicious email message which attempts to appear to come from a trusted source.
- Spear phishing: very targeted phishing where the attacker leverages personal information about you to tailor the message.
Why?
Example:
Malware
Malicious Software (Malware)
Malware is categorized by its key components:
- Infection/propagation method
- Payload
- Obfuscation techniques
Figure (not reproduced): this quantitative illustration shows the early (yellow), middle (orange), and late (red) stages in the spread of the Code Red worm over a period of 13 hours on July 19, 2001 (360,000 hosts) (www.caida.org).
Infection/Propagation
How does malware spread?
- Remotely accessible software vulnerabilities (e.g., buffer overflows)
- File sharing
- Deceptive links whose text hides the executable target, e.g. <A href=badstuff.exe>EnticingImage.jpg</A>
Payload (examples):
- Low-level extortion (encrypt data, holding it hostage until the victim pays $$$)
  http://arstechnica.com/tech-policy/2015/04/police-chief-paying-the-bitcoin-ransom-was-the-last-resort/
- http://krebsonsecurity.com/2014/09/home-depot-56m-cards-impacted-malware-contained/
- http://www.infosecurity-magazine.com/news/socialpath-malware-backs-up-to-cc/
- https://nakedsecurity.sophos.com/2014/08/05/how-to-send-5-million-spam-emails/
- http://www.csoonline.com/article/2112405/social-networking-security/how-keylogging-malware-steals-your-information--includes-video-.html
Botnets
Botnet uses:
- DDoS
- Spam sending
- Click fraud
- Distribute new exploit code
Disguise/Obfuscation Techniques
- Encrypt the virus code
- Obfuscation
Rootkits
Attackers want to maintain administrative (root) privileges after an attack.
Types:
- Kernel mode
- Bootkit
Supply Chain
Examples:
- Hidden hardware
  https://buildsecurityin.us-cert.gov/articles/best-practices/acquisition/a-systemic-approach-assessing-software-supply-chain-risk
- Lenovo Superfish
  http://www.cnet.com/news/lenovos-superfish-screwup-highlights-biggest-problem-in-software/
- http://www.nytimes.com/2008/05/09/technology/09cisco.html?_r=0
- http://www.gao.gov/assets/590/589568.pdf
Access Control
Enforced by:
- Hardware (processor)
- Software (OS)
Hardware-enforced access control and operating system access control specify whether a subject may read, write, or execute an object.
Approaches:
Malware Detection
Antivirus software:
- Compares programs to known malware patterns
- Analyzes programs for malicious operations
Scanning:
- Pattern matching on known virus signatures
- Integrity checks: has a file changed? (use checksums)
- Run the program in an emulated environment and see if it produces either data that matches a signature or an execution sequence that matches a signature
Malware detection is difficult because:
- Malware performs mutation/obfuscation/encryption
- AV companies must first obtain the malware in the wild before developing a signature, so only common malware is detected; detection of new, sophisticated malware tends towards 0%
- Malware developers can also use AV to test their malware
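The three scanning techniques and the reason they fail against obfuscated samples are easier to see side by side, so here is an added example (not from the lecture): signature matching, an integrity baseline with checksums, and an "emulated" unpacking step, run against a constructed sample. The "malware" is a harmless marker string, the packer is a one-byte XOR standing in for real encryption, and the file names and the signature name are hypothetical.

```python
# Added example (not from the lecture): signature scanning, integrity
# checking and emulation applied to a constructed sample. The "malware" is a
# harmless marker string, the packer a one-byte XOR standing in for real
# obfuscation; file names and the signature name are hypothetical.

import hashlib

# Constructed payload: strings a real sample's code might contain.
PAYLOAD = b"connect_to_c2(); encrypt_user_files(); demand_ransom();"

# Signature database: name -> byte pattern an AV vendor extracted from a
# sample it obtained in the wild.
SIGNATURES = {"Ransom.Demo.A": b"encrypt_user_files"}


def scan_signatures(data, signatures=SIGNATURES):
    """Static pattern matching: which known signatures occur in the bytes?"""
    return sorted(name for name, pattern in signatures.items() if pattern in data)


def xor_pack(payload, key):
    """Stand-in packer: a 1-byte key followed by the XOR-encrypted body.
    Changing the key yields a new variant with identical behaviour but no
    byte in common with the original, which is what defeats signatures."""
    if not 1 <= key <= 255:
        raise ValueError("key must be a non-zero byte")
    return bytes([key]) + bytes(b ^ key for b in payload)


def emulate_unpack(sample):
    """Stand-in for running the sample in an emulated environment: the stub
    reads its key byte and decrypts the body, exposing the real code to a
    second signature scan."""
    key = sample[0]
    return bytes(b ^ key for b in sample[1:])


def build_baseline(files):
    """Integrity check, step 1: record a checksum of every trusted file."""
    return {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}


def integrity_check(files, baseline):
    """Integrity check, step 2: report files whose checksum changed or
    which were not in the baseline at all."""
    return sorted(name for name, data in files.items()
                  if baseline.get(name) != hashlib.sha256(data).hexdigest())


if __name__ == "__main__":
    variant = xor_pack(PAYLOAD, 0x5A)
    print("plain payload:   ", scan_signatures(PAYLOAD))
    print("packed variant:  ", scan_signatures(variant))  # signature misses it
    print("after emulation: ", scan_signatures(emulate_unpack(variant)))
    clean = {"svchost.exe": b"legit code", "report.doc": b"quarterly numbers"}
    baseline = build_baseline(clean)
    infected = dict(clean, **{"svchost.exe": b"legit code" + variant})
    print("integrity alerts:", integrity_check(infected, baseline))
```

The packed variant is invisible to the signature scan until it is unpacked, which is why emulation matters; the integrity check catches the modified executable without knowing anything about the malware, but only for files that were in the baseline, and it cannot tell a malicious change from a legitimate update.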
Example: MS Windows
Specify allowed applications with Group Policy / AppLocker: rule-based whitelisting on Windows 7 and Server 2008 R2. Can be bypassed.